Re: [PATCH v38 09/39] LSM: Add the lsmblob data structure.

When more than one security module is exporting data to audit and networking sub-systems a single 32 bit integer is no longer sufficient to represent the data. Add a structure to be used instead. The lsmblob structure is currently an array of u32 "secids". There is an entry for each of the security modules built into the system that would use secids if active. The system assigns the module a "slot" when it registers hooks. If modules are compiled in but not registered there will be unused slots. The slot number is added to the lsm_id structure. The audit rules data is expanded to use an array of security module data rather than a single instance. A new structure audit_lsm_rules is defined to avoid the confusion which commonly accompanies the use of void ** parameters. Signed-off-by: Casey Schaufler <casey(a)schaufler-ca.com&gt; ---

diff --git a/security/landlock/setup.c b/security/landlock/setup.c index 1242c61c9de4..adbe941370f3 100644 --- a/security/landlock/setup.c +++ b/security/landlock/setup.c @@ -27,6 +27,7 @@ struct lsm_blob_sizes landlock_blob_sizes __lsm_ro_after_init = { struct lsm_id landlock_lsmid __lsm_ro_after_init = { .lsm = LANDLOCK_NAME, .id = LSM_ID_LANDLOCK, + .slot = LSMBLOB_NOT_NEEDED,